<?php
// ***** User.class *****
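/**
 * Application user: holds the credentials and role loaded by login() and
 * stores/clears itself in the global $session object.
 *
 * Security notes for maintainers:
 *  - login() matches the password inside the SQL statement, comparing
 *    usr_password with the supplied value as-is. NOTE(review): if callers pass
 *    the plaintext password, the table holds plaintext passwords; confirm and
 *    migrate to password_hash()/password_verify().
 *  - On success the whole object, including $password, is handed to the
 *    session, so the credential lives for as long as the session data does.
 *  - No session-identifier rotation is visible in this class. NOTE(review):
 *    confirm the session layer regenerates the id on login.
 */
class User{
  /** @var string|null Login name given to the constructor or to login(). */
  public $username;
  /** @var string|null Password value given to the constructor or to login(). */
  public $password;
  /** @var string|null Role name (rol_nombre) of the authenticated user, null otherwise. */
  public $rol;
  /** @var mixed|null usr_id of the authenticated user, null otherwise. */
  public $id;
  /**
   * @var string|null Set to 'visitante' by a failed login(). Declared so the
   *                  assignment no longer creates a dynamic property.
   */
  public $nombre;

  /**
   * PHP 8 no longer treats a method named after the class as the constructor,
   * so without __construct() the arguments of `new User(...)` would be dropped.
   * The arguments are optional so that `new User()` keeps working.
   *
   * @param string|null $username
   * @param string|null $password
   */
  public function __construct($username = null, $password = null){
    $this->username = $username;
    $this->password = $password;
  }

  /**
   * Legacy PHP 4-style constructor name, kept as a plain method for code that
   * still calls it explicitly.
   *
   * @param string $username
   * @param string $password
   */
  function User($username, $password){
    $this->__construct($username, $password);
  }

  /**
   * @return bool true when a non-empty role is set.
   */
  public function isRegistered(){
    return !empty($this->rol);
  }

  /**
   * @return bool true only when the role is exactly the string 'administrador'.
   */
  public function isAdmin(){
    // Strict comparison: with ==, a numeric 0 compared equal to this string on
    // PHP < 8, which would grant the admin check to a non-admin value.
    return $this->rol === 'administrador';
  }

  /**
   * Looks the user up by name and password and, on a match, loads id and role
   * and stores this object in the session under 'user'.
   *
   * @param object $db       Object providing query() and formatValue().
   * @param string $username Login name from the caller.
   * @param string $password Password value from the caller.
   * @return bool true when a matching row was found, false otherwise.
   */
  public function login(&$db, $username, $password) {
    global $session;
    // The statement is assembled by concatenation; its safety depends entirely
    // on formatValue(). NOTE(review): presumably it quotes and escapes for the
    // active connection; verify, and prefer bound parameters if the DB layer
    // offers them.
    $result = $db->query('SELECT * FROM usuario JOIN rol ON usr_rol_id = rol_id WHERE usr_nombre = '.
            $db->formatValue($username) .' AND usr_password = '. $db->formatValue($password));
    // Fail closed: a query() that returns a non-object is treated as
    // "no match" instead of causing a fatal error on ->oneRow().
    $row = is_object($result) ? $result->oneRow() : false;
    if ($row) {
      $this->id = $row['usr_id'];
      $this->username = $username;
      $this->password = $password;
      $this->rol = $row['rol_nombre'];
      $session->setRef('user', $this);
      return true;
    }

    // NOTE(review): this sets `nombre`, not `username`; username and password
    // keep whatever they held before the call. Confirm that is intended.
    $this->nombre = 'visitante';
    $this->rol = null;
    $this->id = null;
    $session->set('user', '');
    return false;
  }

  /**
   * Clears the 'user' entry and asks the session object to delete the session.
   * The properties of this object are left untouched.
   */
  public function logout() {
    global $session;
    $session->set('user', '');
    $session->delete_session();
  }

} // end User.class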

?>